 Hackers unbalanced?, Are hackers dominating the play time? |
  |
 Nov 27 2006, 05:58 PM
Post
#1
|
|
|
Running Target  Group: Members Posts: 1,288 Joined: 4-September 06 From: The Scandinavian Federation Member No.: 9,300  |
Hei after playing this game a few sessions it turns out our technomancer became the #1 character in the party. Whenever we need to do something its always easier to use the techie than to investigate "manually."
Need info? Hack target system, check cameras. Need access? The same. Need sabotage? ... Need discretion? Basically although the SR4 system seems alot faster than SR3, in the old game it was still necessary for the team to protect the decker, and physically infiltrate an enemy compund. Now the tecno or any decent hacker can simply hack the comlinks of the guards or vehicles outside, or via the matrix from the comfort of a hideout or just on the streets. Cameras and turrets protecting facility? No need to locate a security computer, just hack the cameras and/or guns! Now the character has been dumped, and I find we still miss the hacker abilities, despite the chance we now get to do alternative ways (sneaking, disgiuse, combat etc.). So the question is: Is wireless hacking unbalanced? Are hackers etc. necessary for a shadowrunner and is there a way to keep em from taking all the GM time? There is also the problem of difficulty - hacking should be dangerous and hard, but now with only a few dice (7-8) you can hack almost anything and only glitches will cause trouble unless there is active hacker security. And since tests are extended initial failure means nothing. And there is no longer any dumpshock, ICE burning you out and all those dangerous side effects that made hacking the domain of thrill-seeking partly unstable and anti-social hackers, and that most sensible (or cowardly) people stayed away from. |
 |
 
|
|
Nov 27 2006, 06:12 PM
Post
#2
|
|||
|
Running Target Group: Members Posts: 1,150 Joined: 19-December 05 From: Rhein-Ruhr Megaplex Member No.: 8,081 |
Try using security systems that are completely hardwired. The gate may need a security guard pushing a button to actually open it. The important data is protected from outside wireless access. The BBB recommends limiting the number of rolls in an extended test. |
||
|
|
|
||
|
Nov 27 2006, 06:24 PM
Post
#3
|
|
|
Moving Target Group: Members Posts: 906 Joined: 16-October 06 Member No.: 9,630 |
Don't forget wandering IC's and enemy corp hackers. When my team did a run againts a corp factory. We had managed to aquire the floor plan as it wasn't to a high security a place. We couldn't hack from the outside the wireless network didn't exend beyond the building.
So my street samurai went into the computer control room and shot each of the four hackers there that night with stick and shock. Took out the primary matrix defense in the meat world. Our hacker and technomacner reeked havoc with there system. We blew up a crap load of equipment then left. No deaths or injuries beyond stun. |
|
|
|
|
Nov 27 2006, 06:33 PM
Post
#4
|
|
|
Running Target Group: Members Posts: 1,288 Joined: 4-September 06 From: The Scandinavian Federation Member No.: 9,300 |
First of all I'm not a GM. Secondly, although hardwired is possible, is it common? Isn't wireless the new craze that every corp wants?
Extended tests could be limited, but usually only to the dice pool. Easy still unless you suck. corp hackers seems like the only real good protection. In our game the only place we failed to infiltrate was a groceries delivery warehouse that was protected by an off-location corp hacker and some ice. After the hacker had a fight with the ice, the corp hacker was alerted and the alarm went off, and then we were gone! |
|
|
|
|
Nov 27 2006, 06:50 PM
Post
#5
|
|||||
|
Shooting Target Group: Members Posts: 1,754 Joined: 9-July 04 From: Modesto, CA Member No.: 6,465 |
I think a lot of the hacking issue is it's become more accessable to everyone not just the select player who took the time to read the decking sections pre-SR4. Even some GMs tending to avoid decking since few seemed interested. On the other hand, you could make the same argument about Astral Projection or a Covert Ops type that wants to "go the extra mile" at every opportunity. I spend more time and effort on the critical systems (paydata, resources) than the minor ones. Making sure you have some amount of background information on important NPCs is also in order else you can just return basic non-important facts (if any) about other NPCs in the search. You can't anticipate all their angles, but at least cover the ones that matter the most in your terms.
Consider also that paranoid systems run harder security than less paranoid ones, which in my terms equates to more Black IC and less tolerance on triggering alarms or hackin in the first place. More secure logins (passkeys, AccessID, etc.), chokepoint matrix systems and hard-wire-only help make a "regular" system require a physical presence inside to get the paydata. |
||||
|
|
|
||||
|
Nov 27 2006, 06:59 PM
Post
#6
|
|||
|
Immoral Elf Group: Members Posts: 15,247 Joined: 29-March 02 From: Grimy Pete's Bar & Laundromat Member No.: 2,486 |
I think this might be part of the problem as well. What makes you think these things no longer exist? |
||
|
|
|
||
|
Nov 27 2006, 07:36 PM
Post
#7
|
|
|
Grand Master of Run-Fu Group: Dumpshocked Posts: 6,840 Joined: 26-February 02 From: Tir Tairngire Member No.: 178 |
What he means is that Trace-and-Burn and Psychotropic IC don't [currently] exist. There's no way to cause damage to a commlink, only to an icon or decker; and there's no rules to affect someone's mind short of a sadistic GM saddling someone with the Scorched flaw.
|
|
|
|
|
Nov 27 2006, 08:43 PM
Post
#8
|
|||
|
Target Group: Members Posts: 72 Joined: 15-December 05 Member No.: 8,075 |
Don't forget wireless inhibiting paint/wallpaper. The TM might need to be INSIDE the target you want survailence on to access their wireless network and thus their cams . .. |
||
|
|
|
||
|
Nov 27 2006, 08:57 PM
Post
#9
|
|
|
Moving Target Group: Members Posts: 906 Joined: 16-October 06 Member No.: 9,630 |
Corps want wireless so they can access there computer from anyware in the building. Not from down the street.
You also underestimate difficulty, If you want to actually do some damage in a corp's system you need admin access, which +6 to the threshold. A system 5, fire 5, would have a threshold of 16 to get admin access. When hacking on the fly, every time the hacker makes a check the computer makes a check to beat his stealth. Its a little known fact that extended tests can be limited to a number of rolls equal to your skill. Even when the hacker breaks into the system and gains admin access, corp hackers and wandering IC's can easily spot him. |
|
|
|
|
Nov 27 2006, 10:27 PM
Post
#10
|
|||
|
Shooting Target Group: Members Posts: 1,754 Joined: 9-July 04 From: Modesto, CA Member No.: 6,465 |
Easily? Not unless they do things Admins aren't supposed to (Hacking) or if they are checking for required AccessIDs, Passkeys Modules, or some other ID verification method. |
||
|
|
|
||
|
Nov 27 2006, 10:39 PM
Post
#11
|
|||
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
I wasn't aware that there were actual game rules for these. Neither Hacking on the Fly or Probing the Target have any modifiers for cracking systems that require these. I suppose you could use a matrix perception test to tell if someone who's logged in on a system logged in using a linked passcode or a passkey, and sound an alert if you find someone who didn't use the required login protocol, but that's about it. |
||
|
|
|
||
|
Nov 27 2006, 10:40 PM
Post
#12
|
|
|
Running Target Group: Members Posts: 1,288 Joined: 4-September 06 From: The Scandinavian Federation Member No.: 9,300 |
Interesting guys... I need some time to read and think, but it may be that we or the GM has overlooked a few things...
That thing about dumpshock was the fact that hackers in AR are not affected by it, only those in hot sim. Right? Not being hot means you lose out on +2 to the check, but it may be worth the safety. If you fail to hack there is usually very little consequence (except possibly blowing the mission by alerting security). jack you don't always need to hack on the fly. And if you need 16 hits, that's hardly extreme. Limiting number of rolls to your skill (i said dice pool but that can't be right) is an optional rule. And even so, 5 tries with skill 5, ability (or program)6, and lets say +2 for being a technomancer. 13 dice=3 hits, thus only one hot away from automatically succeeding. Average would be total 20 hits, well exceeding 16. And if you throw in 3-4 dice of edge as well, making you reroll about half your hits for more potential hits... ok I'm no probability mathematician but it's no brainer that this is not very hard for a focused starting hacker or techie. |
|
|
|
|
Nov 27 2006, 10:50 PM
Post
#13
|
|||||
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
Not quite. IC still patrols and checks users. If the node was a building with hallways then IC would be the security guard wandering around inside. Just because you opened the door doesn't mean the IC doesn't still check you out. |
||||
|
|
|
||||
|
Nov 27 2006, 11:07 PM
Post
#14
|
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
IMHO, the biggest mistake new people make when designing wireless security is that they don't put devices on the subscription list.
---------------------------------- LINKING AND SUBSCRIBING Now, just because all of your devices can talk to other devices doesn’t mean that they will. For simplicity, privacy, and security, you may confi gure your devices so that they only interact with another specific device (usually your commlink, as your PAN’s hub) or a specific network (your PAN). Th is prevents confusion between users (am I accessing my guncam or yours?) and also off ers a degree of protection from snoopers and hackers. Rather than allowing any stranger access to all of your electronics, anyone that wants to interact with your PAN must connect to your commlink first ---------------------------------- Have a facility with wireless access? The cameras, doors, etc are all subscribed to other things which are subscribed to others, etc in a giant pyramid fashion. Agents monitor logs for changes and constantly report back to the next level. At some point a guy with 3 computer 3 electronic warfare (and 4 data search with a specialization in free porno) using AR instead of full submersion monitors them for changes and to put some human AI into it. Then you can't "hack" into a device without hacking the node that controls it (or possibly the node that controls that). The best you can do is spoof a command to the camera to turn the other direction. But then it's in the log of the camera to turn one way, but the logs don't match with the log of commands given. Perhaps every 5 minutes the logs are compared for discrepancies? Then the change is reported to a hacker who'll look into it. Maybe ASAP in hot sim with agents riding shotgun, maybe after his lunch break is up. With the right datachecks and comparing the right logs it's VERY hard for a hacker to "hack into a door and open it" without risking a bust on the whole mission. I work in a datacenter and reduntant systems checks is a big part of my job. Maybe sometime I'll write up a sample building with various methods of physical entry and how the site would be configured. |
|
|
|
|
Nov 27 2006, 11:11 PM
Post
#15
|
|||||||
|
Shooting Target Group: Members Posts: 1,754 Joined: 9-July 04 From: Modesto, CA Member No.: 6,465 |
Right, but how to you really know who's supposed to be there or not? If they have a valid account (Admin, Security, Personal) and they aren't doing things they aren't suppose to or trying to do things that arent allowed (Hacking), they how do you tell who is legit? I've used a few things like checking for Access ID, Passkey Modules, having IC scan Personas for Hacking programs or combinations of these to determine if an Account is being used by the legit user. If someone has other ideas, please share! |
||||||
|
|
|
||||||
|
Nov 27 2006, 11:13 PM
Post
#16
|
|||
|
Shooting Target Group: Members Posts: 1,754 Joined: 9-July 04 From: Modesto, CA Member No.: 6,465 |
This is a great point about hacking any Node/Device/System. |
||
|
|
|
||
|
Nov 27 2006, 11:21 PM
Post
#17
|
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
Hacking via "on the fly" or "probing the target" looks for exploits in the programming or other "mistakes" that give it an exploit allowing it effective admin level access. It's still not an administrator account, it just allows you to do what an administrator does.
So IC "runs into" a hacker in a hallway and finds out that it's not a real adminstrator but some hacker who used some RPC Overflow error to issue admin level commands. System goes on alert, etc. |
|
|
|
|
Nov 27 2006, 11:30 PM
Post
#18
|
|||
|
Shooting Target Group: Members Posts: 1,754 Joined: 9-July 04 From: Modesto, CA Member No.: 6,465 |
I dont know about "getting admin access without having an account". Exploits let you do things like trick the system into letting you login as a guest and change your permissions to admin or get passwords and use another's account. The most important part is erasing your tracking (logs) so they do track-back to your invallid point of entry. |
||
|
|
|
||
|
Nov 27 2006, 11:39 PM
Post
#19
|
|||
|
Moving Target Group: Members Posts: 906 Joined: 16-October 06 Member No.: 9,630 |
Usually when hacking a corp building its on the fly, its a rare to get access to the security network from outside the building. I've found its the rule of thumb that the security network can't be accessed from the outside. How long do you think it take the rating 5 system with scan 5 to overcome the hacker's stealth? Especially if you throw in some floating IC's and corp hackers. Hot-Sun also grants you more initiative passes, a shadowrunner in who isn't in hot-sim might get hammered to unconciousness by the agents and corp hackers that count as running hot. Also as I understand it technomancers have +2 because they are always in hot-sim. Once inside, they haven't won, remember there is that whole chapter hacked once inside. They have plenty of chances to be detected each time they effect a cameria or a maglock (assuming your lucky enougth to find maglocks controlled by the network) Remember a hacker can't defend from multiple foes in the matrix easily as the street samurai in the meat world. Also the hacker has to think about what he shuts off, he if simpyl shuts down the camerias someone will notice and alert security. Shuting down or sending false data to each camera one at a time as the team goes by means more rolls/ more chances to glitch and more chances for the roving IC to scan and detect him. |
||
|
|
|
||
|
Nov 27 2006, 11:39 PM
Post
#20
|
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
It's specifically unauthorized access:
Exploit (Hacking) Exploit programs are constantly-evolving hacker tools specifi cally designed to take advantage of security fl aws and weaknesses so that a hacker can gain unauthorized access to a node. Exploit programs are used for hacking in without authorized access (p. 221). |
|
|
|
|
Nov 27 2006, 11:41 PM
Post
#21
|
|||
|
Shooting Target Group: Members Posts: 1,754 Joined: 9-July 04 From: Modesto, CA Member No.: 6,465 |
So then just perform a Matrix Perception Test (?) for checking Authorized/Unauthorized user? |
||
|
|
|
||
|
Nov 27 2006, 11:48 PM
Post
#22
|
|
|
Moving Target Group: Members Posts: 906 Joined: 16-October 06 Member No.: 9,630 |
Its the scan program opposed by the targets stealth.
|
|
|
|
|
Nov 27 2006, 11:52 PM
Post
#23
|
|||
|
Shooting Target Group: Members Posts: 1,754 Joined: 9-July 04 From: Modesto, CA Member No.: 6,465 |
Analyze, but what's the Threshold to know if they are authorized or not? Just 1? |
||
|
|
|
||
|
Nov 27 2006, 11:54 PM
Post
#24
|
|
|
Target Group: Members Posts: 79 Joined: 18-September 05 Member No.: 7,758 |
I second the sentiment that hacking doesn't take any more time than astral recon does. It's just that people aren't used to it happening on the fly.
|
|
|
|
|
Nov 27 2006, 11:57 PM
Post
#25
|
|||||
|
Moving Target Group: Members Posts: 906 Joined: 16-October 06 Member No.: 9,630 |
Depends on whos watching I believe and what the person is attempting to do, its largly up to the GM. The standard is the IC sends a message to the corp hackers who then make the call. If the hacker detects them, well then red alert. Stealth failing in the matrix is similar to stealth failing in the corp building. |
||||
|
|
|
||||
|
|
Lo-Fi Version | Time is now: 25th April 2024 - 04:49 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.